MTU problem on UDP
Kevin
kevinchou.c at gmail.com
Sun Mar 23 21:45:54 EDT 2014
Hi List
days ago I post "Can't reach some route in Anyconnect”
http://lists.infradead.org/pipermail/openconnect-devel/2014-March/001759.html
and now I finally find out why.
in my iptables I have a role to enable udp like this
-A INPUT -p udp -m udp --dport 443 -j ACCEPT
after I remove this role from the iptables, My problem solved.
seems The TCP backup didn’t have the MTU problem.
but I already added
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
and even tried
custom-header = "X-DTLS-MTU: 1200"
custom-header = "X-CSTP-MTU: 1200”
set mtu = 1200 in config file. nothing helped.
So I guess this is a MTU bug on UDP?
--
Kevin
Sent with Airmail
More information about the openconnect-devel
mailing list